Re: ipt_unclean: TCP flags bad: 4

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Hans Reiser: "Re: OT: Journaling FS Comparison"
• Previous message: Martin Knoblauch: "Re: OT: Journaling FS Comparison"
• Maybe in reply to: Alan J. Wylie: "ipt_unclean: TCP flags bad: 4"
• Next in thread: Alan J. Wylie: "Re: ipt_unclean: TCP flags bad: 4"
• Reply: Alan J. Wylie: "Re: ipt_unclean: TCP flags bad: 4"

Please try this patch...

Note that this should be a warning to people not to reject packets
based on ipt_unclean, or we'll end up with another situation like the
ECN blackholes when the next Funky New Thing comes along...

Thanks,
Rusty.

--
Premature optmztion is rt of all evl. --DK

diff -urN -I \$.*\$ -X /home/rusty/devel/kernel/kernel-patches/dontdiff --minimal linux-2.4.7-official/net/ipv4/netfilter/ipt_unclean.c working-2.4.7-unclean/net/ipv4/netfilter/ipt_unclean.c
--- linux-2.4.7-official/net/ipv4/netfilter/ipt_unclean.c	Sun Jul 22 13:13:27 2001
+++ working-2.4.7-unclean/net/ipv4/netfilter/ipt_unclean.c	Mon Jul 23 18:29:11 2001
@@ -331,6 +331,7 @@
 	tcpflags = ((u_int8_t *)tcph)[13];
 	if (tcpflags != TH_SYN
 	    && tcpflags != (TH_SYN|TH_ACK)
+	    && tcpflags != TH_RST
 	    && tcpflags != (TH_RST|TH_ACK)
 	    && tcpflags != (TH_RST|TH_ACK|TH_PUSH)
 	    && tcpflags != (TH_FIN|TH_ACK)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

• Next message: Hans Reiser: "Re: OT: Journaling FS Comparison"
• Previous message: Martin Knoblauch: "Re: OT: Journaling FS Comparison"
• Maybe in reply to: Alan J. Wylie: "ipt_unclean: TCP flags bad: 4"
• Next in thread: Alan J. Wylie: "Re: ipt_unclean: TCP flags bad: 4"
• Reply: Alan J. Wylie: "Re: ipt_unclean: TCP flags bad: 4"